1. Field of the Invention
The present invention relates generally to an information communication system for so-called online shopping, wherein a network user (hereinafter referred to as “user”) executes a communication service for purchasing commodities (tangible/intangible) from a shop (hereinafter referred to as “net-shop”) that is opened on a network, and more particularly to a technique that realizes a management system, which can securely and efficiently protect personal information of the user.
2. Description of the Related Art
In recent years, with developments of, e.g. communication technologies such as the Internet and data compression technologies using digital signal processing, online shopping using communication lines has been realized. Conventionally, most of commodities that are treated are tangible ones, and a procedure for delivering the commodities to the user is carried out after the contract of purchase is completed. Recently, however, with a remarkable increase in transmission data amount of communication lines, content such as songs, pictures and games with enormous data amounts has been treated as commodities that can be provided on line.
In general, in an information communication system for realizing the online shopping, for example, in a system that provides content as commodities, the user accesses an information providing apparatus of a content delivery center, which provides desired content, from a communication terminal (hereinafter referred to as “user terminal apparatus”) such as a personal computer or a set-top box. The user sends a purchase request or a viewing/listening request according to a menu screen, thus enabling download or reproduction of the content.
Normally, in the system that provides content as commodities on line, content is encrypted and the encrypted content and a decryption key for the encrypted content are delivered to the user. In this case, the content delivery center receives a request from the user, and executes user authentication. If the user meets the condition for authentication, the encrypted content and content key are delivered to the user, and the user terminal apparatus is enabled to decrypt and reproduce the content.
As regards this kind of systems, there is a recent tendency that in an increasing number of cases the content delivery center, which delivers encrypted content, is separately provided from a key issuing center that delivers a content key. In addition, it is expected that in an increasing number of cases in the future, content delivery centers are separately provided for different genres and labels of content. On the other hand, a center that executes user management also serves as a center that executes accounting, etc. The problem encountered in this case is how to manage direct data transactions between the center that does not execute user management and the user terminal apparatus.
It may be thought that each of the respective centers individually executes user management. However, management of personal information requires high security, and a very expensive management system is needed. On the other hand, the user wishes to avoid, as much as possible, registration of personal information in fear of information leakage.
Jpn. Pat. Appln. KOKAI Publication No. 10-269291 discloses a scheme for a digital content delivery management system, wherein an accounting information management institution, a content displaying/delivering institution and a system management institution independently execute data communication with the user-side apparatus. The scheme disclosed in this document, however, aims at solving the problem that communication concentrates on the system side when the user acquires digital content from the system side or executes accounting for the use of the digital content, resulting in the difficulty in providing satisfactory responses to the user. This scheme does not aim at enhancing the security and efficiency of user management.
Jpn. Pat. Appln. KOKAI Publication No. 2002-169720 discloses a content delivery management scheme on the center side. In this scheme, as regards a delivery center and a viewing/listening apparatus, a center management area of a predetermined capacity is secured in a storage unit of the viewing/listening apparatus at a time of membership registration. Information indicative of the condition of use is stored in the center management area. The delivery management center manages the information stored in the center management area in each viewing/listening apparatus. In response to a content delivery request, the delivery management center refers to the stored information in the associated viewing/listening device, recognizes the condition of use of the viewing/listening apparatus, and provides a content storage instruction, etc. The scheme disclosed in this document, however, merely aims at enabling the center side to recognize the condition of use of each viewing/listening apparatus, and does not aim at enhancing the security and efficiency of user management.
The problems in the prior art have been described, referring, by way of example, to the information communication system that executes content delivery services. However, the problem of leakage of personal information and the inefficient user management have been pointed out, not only with respect to the content delivery services but also with respect to various online information communications.
As has been described above, in the conventional information communication system that realizes online shopping, information providing apparatuses that serve as a net-shop are disposed in a distributed fashion according to tasks and roles relating to the provision of services, and there arises a need to individually execute communication with each user terminal apparatus. However, many problems relating to security and cost have been pointed out with respect to the individual user management that is executed by the plural distributed information providing apparatuses.